Simple Backup

CVEs (2)

• CVE-2016-20076HigJun 15, 2026
  WordPress

  Simple Backup
  risk 0.49cvss 7.5epss —

  WordPress Simple-Backup 2.7.11 contains multiple vulnerabilities that allow unauthenticated attackers to delete arbitrary files and download sensitive files by manipulating the delete_backup_file and download_backup_file parameters in tools.php. Attackers can exploit…

• CVE-2015-10134Jul 19, 2025
  Simple Backup

  Simple Backup
  risk 0.09cvss —epss 0.76

  The Simple Backup plugin for WordPress is vulnerable to Arbitrary File Download in versions up to, and including, 2.7.10. via the download_backup_file function. This is due to a lack of capability checks and file type validation. This makes it possible for attackers to download…